8 matches found
Astra Linux - уязвимость в 389-ds-base
When binding against a DN during authentication, the response from 389-ds-base will differ depending on whether the DN exists or not. This can be exploited by an unauthenticated attacker to check the existence of an entry in the LDAP database...
MiracleLinux 8 : 389-ds:1.4 bug fix and enhancement update (AXSA:2021-2281:02)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2281:02 advisory. An update for the 389-ds:1.4 module is now available. CVE-2020-35518 When binding against a DN during authentication, the reply from 389-ds-base will be...
SUSE CVE-2020-35518
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
USN-5231-1 389-ds-base vulnerabilities
It was discovered that 389 Directory Server presented to users, during authentication, an error message which could be used to discover if a certain LDAP DN existed or not. A remote unauthenticated attacker could possibly use this to check the existence of an entry in a LDAP database and expose...
OESA-2022-1602 three-eight-nine-ds-base security update
389-ds-base is an LDAPv3 compliant server which includes the LDAP server and command line utilities for server administration. Security Fixes: When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an...
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...
389-ds-base: information disclosure during the binding of a DN
When binding against a DN during authentication, the reply from 389-ds-base will be different whether the DN exists or not. This can be used by an unauthenticated attacker to check the existence of an entry in the LDAP database...